There are multiple vulnerabilities in IBM® DB2 used by IBM Operations Analytics Predictive Insights 1.3.6 and earlier. IBM Operations Analytics Predictive Insights has addressed the applicable CVEs ((CVE-2020-4386, CVE-2020-4355, CVE-2020-4420,CVE-2020-4414, CVE-2020-4363, CVE-2020-4387)
Refer to the security bulletin(s) listed in the Remediation/Fixes section
Affected Product(s) | Version(s) |
---|---|
IBM Operations Analytics Predictive Insights | All |
Please consult the security bulletin IBM® Db2® is vulnerable to an information disclosure. (CVE-2020-4386) for vulnerability details and information about fixes.
Please consult the security bulletin IBM® Db2® may be vulnerable to a Denial of Service attack (CVE-2020-4355) for vulnerability details and information about fixes.
Please consult the security bulletin IBM® Db2® is vulnerable to a denial of service attack (CVE-2020-4420) for vulnerability details and information about fixes.
Please consult the security bulletin IBM® Db2® is vulnerable to an information disclosure and denial of service (CVE-2020-4414) for vulnerability details and information about fixes.
Please consult the security bulletin IBM® Db2® is vulnerable to buffer overflow leading to a privileged escalation (CVE-2020-4363) IBM® Db2® is vulnerable to an information disclosure and denial of service (CVE-2020-4414) for vulnerability details and information about fixes.
Please consult the security bulletin IBM® Db2® is vulnerable to an information disclosure. (CVE-2020-4387) IBM® Db2® is vulnerable to an information disclosure and denial of service (CVE-2020-4414) for vulnerability details and information about fixes.
With Predictive Insights iFix 3, DB2 version 11.5.4 is supported and recommended to apply. Alternatively, apply FP11 to DB2 version 10.5.
None